
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Microsoft’s June Patch Tuesday closes the actively exploited Exchange Server CVE-2026-42897 and sets a 17-day countdown to a critical Secure

Microsoft’s June Patch Tuesday closes the actively exploited Exchange Server CVE-2026-42897 and sets a 17-day countdown to a critical Secure

Check Point disclosed CVE-2026-50751, a critical VPN authentication bypass exploited by Qilin ransomware for five weeks, and released an emergency

WhatsApp detected new NSO Group activity violating a permanent court injunction and filed a federal contempt motion against the Israeli

TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach

Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with

Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and

Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.

South Korea’s largest streaming platform TVING suffered a data breach exposing user IDs, contact details, and encrypted national ID-derived identifiers.

Depthfirst’s autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a

Anthropic has deployed six engineers inside NSA to operate Mythos, an AI reported capable of zero-day exploitation across major operating
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.